Overview

URL ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
IP 5.189.145.98
ASN Contabo GmbH
Location Germany
Report completed 2022-09-27 18:56:42 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 haymishlytta.com Sinkholed
2022-09-27 2 haymishlytta.com Sinkholed


Files

URL reswsentativ.xyz/cFVpd1BfagoEbSUSO0UKQTkDLwUiATAgEiMEWD0/KRMNNggdZU8DORRoUE (...)
IP  172.67.140.14
Magic gzip compressed data, max compression\012- data
Size 613
MD5 3162f26af91a0d89702d69a347feffa8
SHA1 f3dccd689964578e99d9aef425700c0527020dd2
SHA256 d32d787f83dda57a10e93cc33ed05bba9809be0f9c45761925ce9c7209e9e53d
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (34)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 14:55:40 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 34.160.144.191
mnemonic passive DNS cdn.pncloudfl.com (1) 13313 2021-06-07 14:28:03 UTC 2022-09-27 16:17:56 UTC 104.22.58.221
mnemonic passive DNS s.w.org (1) 748 2017-01-30 04:56:16 UTC 2022-09-27 04:52:54 UTC 192.0.77.48
mnemonic passive DNS cdn.emojidex.com (1) 993889 2020-10-11 15:46:39 UTC 2022-09-24 05:47:00 UTC 54.230.111.2
mnemonic passive DNS hatsheisaco.xyz (4) 0 2022-09-18 19:36:40 UTC 2022-09-18 19:36:40 UTC 108.157.214.101 Unknown ranking
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-27 04:38:43 UTC 157.240.200.35
mnemonic passive DNS cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-09-27 14:12:30 UTC 45.133.44.9
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 54.187.146.10
mnemonic passive DNS image.tmdb.org (14) 17757 2021-01-10 00:13:25 UTC 2022-09-27 13:51:44 UTC 138.199.37.232
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS m.addthis.com (1) 1448 2013-11-06 20:12:22 UTC 2022-09-27 08:12:33 UTC 23.38.200.123
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (12) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-27 12:08:14 UTC 93.184.220.29
mnemonic passive DNS s7.addthis.com (2) 1504 2012-05-21 03:34:04 UTC 2022-09-27 05:13:44 UTC 23.38.200.123
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:52:54 UTC 142.250.74.72
mnemonic passive DNS ajax.googleapis.com (1) 12905 2015-02-02 18:56:09 UTC 2022-09-27 17:09:53 UTC 142.250.74.42
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.24.14
mnemonic passive DNS v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-09-27 05:13:45 UTC 23.38.200.123
mnemonic passive DNS pogothere.xyz (4) 0 2022-09-04 19:11:25 UTC 2022-09-27 12:45:27 UTC 172.64.198.35 Unknown ranking
mnemonic passive DNS ww1.ytsmx.one (19) 0 2022-08-22 08:26:16 UTC 2022-09-06 22:23:41 UTC 5.189.145.98 Unknown ranking
mnemonic passive DNS d1zw85ny9dtn37.cloudfront.net (7) 0 2022-05-18 14:35:54 UTC 2022-09-24 13:37:37 UTC 54.230.245.105 Unknown ranking
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-27 15:18:37 UTC 142.250.74.174
mnemonic passive DNS accounts.google.com (4) 81 2016-09-05 09:39:47 UTC 2022-09-27 05:15:43 UTC 216.58.207.237
mnemonic passive DNS hypermusk.com (2) 33416 2019-09-23 10:48:08 UTC 2022-09-27 16:17:55 UTC 62.122.171.12
mnemonic passive DNS stunningruin.com (1) 0 2022-09-15 09:20:52 UTC 2022-09-27 13:32:05 UTC 213.174.151.98 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS haymishlytta.com (2) 0 2022-08-03 12:22:51 UTC 2022-09-24 16:47:29 UTC 23.109.248.171 Unknown ranking
mnemonic passive DNS e1.o.lencr.org (8) 6159 2021-08-20 07:36:30 UTC 2022-09-27 05:36:01 UTC 23.36.77.32
mnemonic passive DNS reswsentativ.xyz (7) 0 2022-09-18 06:49:11 UTC 2022-09-27 12:45:27 UTC 172.67.140.14 Unknown ranking
mnemonic passive DNS z.moatads.com (1) 374 2014-02-11 16:19:47 UTC 2022-09-27 05:24:49 UTC 23.38.201.146


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 5.189.145.98

Date UQ / IDS / BL URL IP
2022-11-12 18:08:47 +0000
0 - 0 - 4 ww3.ytsmx.one/ 5.189.145.98
2022-09-27 18:56:42 +0000
0 - 0 - 2 ww1.ytsmx.one/movie/halloween-ends-2022-gnome (...) 5.189.145.98
2022-09-06 22:23:06 +0000
0 - 0 - 2 ww1.yifymovies.one/movie/the-quintessential-q (...) 5.189.145.98

Last 5 reports on ASN: Contabo GmbH

Date UQ / IDS / BL URL IP
2022-12-09 01:50:42 +0000
0 - 0 - 1 theexchequer.ie/images/dub/login.php 79.143.188.144
2022-12-09 01:10:21 +0000
0 - 0 - 1 mw1tracking.sg.quickvizstudio.com/index.php/c (...) 75.119.141.56
2022-12-09 01:08:30 +0000
0 - 0 - 2 cv.joanaranda.cat/ 173.249.40.128
2022-12-09 00:55:34 +0000
0 - 0 - 6 truenetsunsuing5.xyz/ntve/index.php?QBOT.zip 38.242.206.189
2022-12-09 00:44:59 +0000
0 - 0 - 6 tlcskinpj6.xyz/ipms/index.php?QBOT.zip 38.242.206.189

Last 2 reports on domain: ytsmx.one

Date UQ / IDS / BL URL IP
2022-11-12 18:08:47 +0000
0 - 0 - 4 ww3.ytsmx.one/ 5.189.145.98
2022-09-27 18:56:42 +0000
0 - 0 - 2 ww1.ytsmx.one/movie/halloween-ends-2022-gnome (...) 5.189.145.98

No other reports with similar screenshot



JavaScript

Executed Scripts (31)


Executed Evals (2)

#1 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16

                                        addthis.cbs
                                    

#2 JavaScript::Eval (size: 8, repeated: 1) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f

                                        _ate.cbs
                                    

Executed Writes (0)



HTTP Transactions (127)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 18:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GtEFj6jZ41693LV93EseCN-Gdwvh9-0NeUX_bV6ip-QF4qMBI-GCNQ==
Age: 2461


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Tue, 27 Sep 2022 20:12:54 GMT
Date: Tue, 27 Sep 2022 18:56:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11768
Expires: Tue, 27 Sep 2022 22:12:39 GMT
Date: Tue, 27 Sep 2022 18:56:31 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: udyj/1u36FqESEP4b7LdwTXWXE0jHCS2vv1EILCTSe550jSfNy1t68BixeFasnKAt+QyNIQ9SbQ=
x-amz-request-id: A5HP3ECD401YQVM4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 18:47:00 GMT
age: 571
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 18:56:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /movie/halloween-ends-2022-gnometorrent543/ HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         5.189.145.98
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:31 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.4.22
Set-Cookie: wordpress_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; HttpOnly wordpress_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; HttpOnly wordpress_logged_in_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
X-Pingback: http://ww1.ytsmx.one/xmlrpc.php
Expires: Tue, 27 Sep 2022 19:56:31 GMT
Cache-Control: max-age=3600
Location: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81FEE70BAC4409D9B3AC6A1284E3B0FEA0F6A714EE2439321FB6575D34607B2F"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18114
Expires: Tue, 27 Sep 2022 23:58:25 GMT
Date: Tue, 27 Sep 2022 18:56:31 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 18:10:46 GMT
Expires: Tue, 27 Sep 2022 19:04:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SQ2cEFOaMtQfxHgOJoTPVntt49BvNil7OtqJOy6C8H76SQhz-adggw==
Age: 2745


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4116
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:56:31 GMT
Last-Modified: Tue, 27 Sep 2022 17:47:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qrqshrdcI55QEO28EVlGwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.146.10
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yIbvUxG41NjDNKidG8u20QVgYlk=

                                        
                                            GET /movie/halloween-ends-2022-gnometorrent543/ HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.22
Set-Cookie: wordpress_sec_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; secure; HttpOnly wordpress_sec_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; secure; HttpOnly wordpress_logged_in_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
X-Pingback: https://ww1.ytsmx.one/xmlrpc.php
Link: <https://ww1.ytsmx.one/wp-json/>; rel="https://api.w.org/", <https://ww1.ytsmx.one/?p=48453>; rel=shortlink
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (53194), with CRLF, LF line terminators
Size:   40316
Md5:    f5d86eee35ae93b0becf22c875e280ee
Sha1:   21f88f8dacd1b83d4bee41385ebb757602d4a5d9
Sha256: 2400fc4d105908eac680c1b456243211bf32435eb1e870c9b76f8f88f488f949
                                        
                                            GET /wp-content/themes/movies/assets/css/onclick.css HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-5db9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   5507
Md5:    585928433c59ade977129248674623e5
Sha1:   75917f7a5f3468088ee8788706354a914a28700d
Sha256: 16c25045a0dcd01d01f0881f1212cba27a7c741408568538101dc4a476c01653
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116360
date: Tue, 27 Sep 2022 18:56:32 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116360
Md5:    b87cd33d44e99d7bb4fa59f97915a154
Sha1:   429b6461bab5189d6987d39713c3405223c461b8
Sha256: 9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2
                                        
                                            GET /wp-content/themes/movies/css/icon.css HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-208d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (8333), with no line terminators
Size:   1740
Md5:    09680dc884fd7f63f2d3baaf75daef07
Sha1:   c5685053977539a976850a20534f284dc9856f47
Sha256: 054942c2ed15ecf6bb15d287a84a2076972eb642afa6acac513ff5f9d2bb0de5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/movies/assets/js/jquery.idTabs.min.js?ver=1.2.5 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-7c0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1984), with no line terminators
Size:   905
Md5:    54d4f7070bcab53e72e0ad25bd954338
Sha1:   5c05ff7dce3b187378861d6c6cbfaef6889d2f32
Sha256: 15d257c0c50190a627a7b226c11fcf6e759cc937b4e37ee2f07ce722259cdcfd
                                        
                                            GET /gtag/js?id=UA-205881553-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 18:56:32 GMT
expires: Tue, 27 Sep 2022 18:56:32 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42335
Md5:    8ef90198e3a494338466e69c3f3c26ed
Sha1:   5521cd1ab0cf951cee8e77c87e6892022bce5da4
Sha256: 2e96d9819ee121ff82bd1a59a2170ad771c6cc29e8feffffdfb0ad63f7cae527
                                        
                                            GET /ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3 HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 17:09:40 GMT
expires: Mon, 25 Sep 2023 17:09:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 179212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29707
Md5:    f16500423cc2867eff8b773df637c48f
Sha1:   1cd32d75b59a89c3a70274e383151a61ce0594f4
Sha256: 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "693AC6C3EEDB9E70EA83A55DB7E8569FE923B303AE1EFF9686A845F03985B0F6"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15070
Expires: Tue, 27 Sep 2022 23:07:42 GMT
Date: Tue, 27 Sep 2022 18:56:32 GMT
Connection: keep-alive

                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0c-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   4014
Md5:    6bec1f76b8e1794067a92462be219db2
Sha1:   9b3b02920957594dd64e09fd2cf057413cfd2347
Sha256: 17763f08cd4c81bf9dd2f9d301396df32cede70c9b267a82602af99e342d8680
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/movies/assets/js/owl.carousel.js?ver=1.2.5 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-5d80"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (635), with CRLF line terminators
Size:   6464
Md5:    6793052d66c73bb15901ad3c0caceedc
Sha1:   066084393d3f12fbff4fb92e3c7bce2907ec5b72
Sha256: acf07bff1bc49caa0924edc6ad05274fa304f9fc2778b6071b4217d9b004cfa1
                                        
                                            GET /wp-content/themes/movies/assets/css/theme.style.css?ver=1.2.5 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-27cd3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   27181
Md5:    c8b8642735222ffbee3b2918d5acb44d
Sha1:   1f24e75b370ccfd4a230b6aad45efce159d75069
Sha256: 8114be6d6b043aef983da739504891f1e8aba779326f806d3fae9247184c8d27
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-1cae5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23166
Md5:    1e4f5a9c5bf84feb62f31aac2082c499
Sha1:   ff54708351b69ee8f1f087d7a3c276df7c19e901
Sha256: d5f6793198f074dfbca72e5f59b3ef788ee33774f47b35c2b32a99fe0232ce7a
                                        
                                            GET /wp-content/themes/movies/assets/js/jquery.qtip.min.js?ver=1.2.5 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-ad0c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32120), with CRLF line terminators
Size:   16120
Md5:    e712318610d27bdc8c8516f7d04eaea5
Sha1:   163f83bc90b1f1be241ddc86589dc852b42bad71
Sha256: 7e8245cbe9e949e416f5133c6adc0c910c4d35d0f8de342d532d370c985813e5
                                        
                                            GET /wp-content/themes/movies/assets/js/bootstrap.min.js?ver=1.2.5 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-8c75"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32025), with CRLF line terminators
Size:   9519
Md5:    a63f6550e0f149fba3711d9f69bce20e
Sha1:   c06c1e25d6e05375e149116886cc866519208480
Sha256: 9a56a066c92c8584dd67fcbac9c5ee2d993cb1b05c484d94523a03690c49bbc9
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0c-17a6a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   33753
Md5:    b6f205d21a925ec7d43cd0c9a89e471e
Sha1:   9e9083f718cabd5c3285ce7f45e9a549bfec722a
Sha256: c01158f9128968b5c30c8da44b7c808231633436a8f5d6e895044e6b5746e3d6
                                        
                                            GET /wp-content/themes/movies/assets/js/theme.script.min.js?ver=1.2.5 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0a-f0f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (598), with CRLF line terminators
Size:   1152
Md5:    0d92efa2a22efb1a9b2b0dca7d789cd6
Sha1:   3dd5e65537f01c0bc687207f20deb4dfb497effa
Sha256: 2b6233253f9cc2e0492e35739efc8ea97830977b896e7c6daa770cc389aefe49
                                        
                                            GET /gxF0U5k3jeb6/41729 HTTP/1.1 
Host: haymishlytta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.248.171
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ww1.ytsmx.one
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Wed, 28-Sep-2022 18:56:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
Set-Cookie: GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Wed, 28-Sep-2022 18:56:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=4.9.21 HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Last-Modified: Tue, 24 Aug 2021 10:42:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6124cd0c-56f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391), with no line terminators
Size:   739
Md5:    6a4207a61d6ddaf4b9c251c17fd4088a
Sha1:   873f882f713e67f38fd6872613e6d2216049e1ca
Sha256: 5abff305c3167c30f15aecb6fe6faf03fb0f45d522ec6628a797a801afc9cd6e
                                        
                                            GET /?ynwzd=958078 HTTP/1.1 
Host: d1zw85ny9dtn37.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.105
HTTP/2 200 OK
                                        
content-length: 49633
date: Tue, 27 Sep 2022 18:56:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CGUj0ajQ6Rm-kSZkFIf89ckVjZ54XVBhLn4-wudqaulqGfsk5EyCqQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15952)
Size:   49633
Md5:    f7ce27db2f4a70519bfe52c467d5077d
Sha1:   6b6d4e83ed49e56da93e26ecf46aef6bd0357efa
Sha256: 941fe1a9abba33552a32edb09bb5379f9df2a3c571a7cdaca4640a658d6aa4c6
                                        
                                            GET /images/core/emoji/13.0.1/svg/1f4e5.svg HTTP/1.1 
Host: s.w.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Tue, 27 Sep 2022 18:56:32 GMT
vary: Accept-Encoding
last-modified: Tue, 20 Oct 2020 16:13:31 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF4AA64E32682C858B34CD6C9ABCCEA5ABD92973875E42E254C19CD030A0CDF2"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2213
Expires: Tue, 27 Sep 2022 19:33:26 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
                                            GET /gxF0U5k3jeb6/41729 HTTP/1.1 
Host: haymishlytta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.248.171
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ww1.ytsmx.one
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF4AA64E32682C858B34CD6C9ABCCEA5ABD92973875E42E254C19CD030A0CDF2"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2213
Expires: Tue, 27 Sep 2022 19:33:26 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF4AA64E32682C858B34CD6C9ABCCEA5ABD92973875E42E254C19CD030A0CDF2"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2213
Expires: Tue, 27 Sep 2022 19:33:26 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
                                            GET /t/p/w185/m0jr23r30h8DUrX3kIu7rO3NIQp.jpg HTTP/1.1 
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 13182
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272fa45-337e"
last-modified: Wed, 04 May 2022 22:12:21 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 05:54:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: a50e460cdca9eb906de15fab8ceb33f7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   13182
Md5:    cac1b00fae8a0444b14da02844f6a340
Sha1:   91ec5d47fa02b35b24b04e7ef37763267cebccd1
Sha256: fe0b9f2a218827cd3be47fcffa38942c2e16496314ba20ef0c49aa40bdabf83a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 17:08:36 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FYtHAnNMMOPJGNBwH6xQVbUD1HHJb6ExZJTkfUndxW5XVZaXFP2dTg==
Age: 6477

                                        
                                            GET /t/p/w185/jN0uuc8U6M3sTg9zEaliJV60Stf.jpg HTTP/1.1 
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 12506
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bfa5-30da"
last-modified: Wed, 04 May 2022 18:02:13 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 303
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 05:16:27
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: fa15d461f02f02e6a0fdacad9a742f07
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   12506
Md5:    635b905b4544f638ac9ab2af725a65d9
Sha1:   6d7e9bcc55160af9155636203d516a1d34f1f8f3
Sha256: ab77687d4d808e920a678637b8d7175ff684a6bf45d648684db808d3c8d9711b
                                        
                                            GET /t/p/w185/ro2BnH891TulVUcQysIXOlZTdXx.jpg HTTP/1.1 
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 18499
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6273079f-4843"
last-modified: Wed, 04 May 2022 23:09:19 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 302
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 09:39:37
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: d48ceaa938f9adc03e59babb73bc5b9d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   18499
Md5:    bd4913d83c688ce706c1a8296328cc98
Sha1:   49e08efc2c1715a240e1e5ca0b777b94b75c6e7a
Sha256: 319ff5f563e5d258367bfcb99c599405b5b8d45720da41ee86531676b3dd8650
                                        
                                            GET /t/p/w185/3H1WFCuxyNRP35oiL2qqwhAXxc0.jpg HTTP/1.1 
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 13085
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272be81-331d"
last-modified: Wed, 04 May 2022 17:57:21 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 303
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 04:08:42
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 43ab9558ba16694b0428ee154f61dbbe
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   13085
Md5:    038e1d6643fa5d5571f827ceb1d055d2
Sha1:   dd82e3cb3c6f42841f01a932207224e6cb7211cc
Sha256: fbd8a96d4a09abe72a37cc0d6a3cf3358b75e4846d4ac8484a441e8c6c1f337a
                                        
                                            GET /wp-content/uploads/2021/08/ytslogo-2.png HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:33 GMT
Content-Length: 13881
Last-Modified: Tue, 24 Aug 2021 10:47:38 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6124ce4a-3639"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 378 x 119, 8-bit/color RGBA, non-interlaced\012- data
Size:   13881
Md5:    115e6261f231edfcfbd119ecd760247d
Sha1:   7de77878183ec04a4bb6ee093fafda6dcb277acb
Sha256: 57dc515e54290b6b769a173187ac48f299e8e77e6bed4b14310d5a0096544a03
                                        
                                            GET /wp-content/themes/movies/assets/css/img/mask-title.png HTTP/1.1 
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:33 GMT
Content-Length: 972
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6124cd0a-3cc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1 x 151, 8-bit/color RGBA, non-interlaced\012- data
Size:   972
Md5:    b96969041dd54e00a956cb540b536d22
Sha1:   e8a7c7914cfa11237a8b9b3ec2a33199841e7134
Sha256: 8760363f47c1b5e34f6ad0df1eb905162d0076e4a8d9f834aa951070cd963efc
                                        
GET /t/p/w185/8qcQmR9X0lk5quFSdH4AHUqtmrB.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 6944
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62d5ebb6-1b20"
last-modified: Mon, 18 Jul 2022 23:24:38 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 368
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 06:02:05
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: ffd1f3530ad864bef25941d03216d77d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x277, components 3\012- data
Size:   6944
Md5:    281992f59285828048a4ec2a3f46d532
Sha1:   625961024118de5c63c66f77f8920246882f5238
Sha256: 4993534664dff5bcdaa51010852f51308345abef7673e80799b7c26dcc2631fc
                                        
GET /t/p/w300/oak26GugtlmnYkJW4UwO2flmFsc.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 2268
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "627494f5-8dc"
last-modified: Fri, 06 May 2022 03:24:37 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/21/2022 19:58:39
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: eddc0c7ea9c0c61d31289fa52e65c9e2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Size:   2268
Md5:    35e99b41e2eea943f71c026bb408a456
Sha1:   326ae3c6d208046f9567fc32377fb413ebf7a2c4
Sha256: 86f71bb544dbae5a94e74f86ef7c4d885ff6f204362ed36a885fd8ed10ef04db
                                        
GET /t/p/w185/qRf5GK85cbp5rgcXVIxtCHzZ95i.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 9979
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bcfc-26fb"
last-modified: Wed, 04 May 2022 17:50:52 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 303
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:36:28
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 68d021cd7ab15a52d2a92580979f72d5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x271, components 3\012- data
Size:   9979
Md5:    ae7be415f2d3ff8a3d53bb2d45c5b3f4
Sha1:   baf20748ef965a9c72b1b152c18fe56e2cecad41
Sha256: 7d89185f1850f2ffbc1d9a48ad74ead89d4fb0f416736c543d984941bb3cf2a4
                                        
GET /t/p/w185/c8aAEglWjKwSHimU3kgopJWykfC.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 10725
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bed3-29e5"
last-modified: Wed, 04 May 2022 17:58:43 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 299
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 07:00:28
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 0e5497c9c286e03a4436dd1a0302c52d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   10725
Md5:    f87ffb2f36ee7f26538bcb08a93f9b95
Sha1:   aeb03deeab52d9d825cb377d615e45f72a2e72a0
Sha256: f4388e109ae4aef3e41139d2b8f28527932953b9088b6b3cb612c0d98ab01934
                                        
GET /emoji/seal/YouTube.png HTTP/1.1
Host: cdn.emojidex.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.2
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 6220
date: Tue, 27 Sep 2022 02:59:39 GMT
last-modified: Sun, 10 Dec 2017 17:31:27 GMT
etag: "087b4dc55ac459f86e6d11d402095394"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mu6X1Qh9tmLxTO0ooj8frMpYqig9XCUM-vLmxkYEaUyrwP-BOPyFhA==
age: 57415
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size:   6220
Md5:    087b4dc55ac459f86e6d11d402095394
Sha1:   b2faa7c83a7761e0a4dbd5214e136288547fec77
Sha256: d545e960c7c7f04de73ced9b6aca9347bc735b1d7bb082cedaa14c89e7548b54
                                        
GET /t/p/w185/oep1iDOJsoe2uD067iWNQdTDSqQ.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 15243
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6273200e-3b8b"
last-modified: Thu, 05 May 2022 00:53:34 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/23/2022 23:58:59
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 4633355d87f58d9886f8d6e1303f0a50
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   15243
Md5:    1ccda9c7663cfd6aae2f1a771f582198
Sha1:   ee118902a16b6329ef55e2a59a82d9876cdc3061
Sha256: 5c651f8611e4ab3aeb8913c9cd20669702d1d2be51aa9ca4300548e9b00efb16
                                        
GET /t/p/w185/piGZDwFW4urLYDWGiYJMrt6hdCS.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 9015
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bf16-2337"
last-modified: Wed, 04 May 2022 17:59:50 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 335
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:34:58
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 50c8bbd332c4bedb49dd84751bf34967
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x277, components 3\012- data
Size:   9015
Md5:    bfc15965bae3fac94dc656fb86ecdac8
Sha1:   a90f622860a5f90ebee5bf9af9b3b3b6d2b77eb2
Sha256: 0d1b3d54e38ecb830929057a2a82cd8a5ad434647feae637e279d833efc0ac1c
                                        
GET /t/p/w185/1X6BxBlHqA8VdFrLwmeSiNSEpEB.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 30670
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b75f-77ce"
last-modified: Wed, 04 May 2022 17:26:55 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 335
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:43:48
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 857514508a1263c3145ee6b65a60d914
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   30670
Md5:    a9fdb2f8be6ef6b7b4afc85430ae45af
Sha1:   cda233ac5ff4e511504d13ae0bd017217d7a6cbb
Sha256: 4f261438439f8180abadba9b63b40d3c898603d9aa863b30c254f6d5661df5f8
                                        
GET /t/p/w185/paYKhEwUaxKA05vmOfU7FlleTln.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 15924
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b75c-3e34"
last-modified: Wed, 04 May 2022 17:26:52 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 334
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:44:43
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: a4a4662c1083bc1d5fe47a12707c5ecd
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   15924
Md5:    fc51303387bc417c5085cd9746354b0a
Sha1:   06ea1568af382d416998b8eaf62cb7af41510931
Sha256: b3fecadc5d8d45e30ee94fa00e11088e930e25e932ff026e332270ee8c4cc97b
                                        
GET /t/p/w185/djkQVkKcRNGxv1ahOIXJGcEj3lM.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 17029
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272e54e-4285"
last-modified: Wed, 04 May 2022 20:42:54 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 330
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 05:37:39
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 4896457bbe6daf278d7db29a3a5e9e69
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   17029
Md5:    92415a9053b001b372d89b8f24c18928
Sha1:   48855f70bbc1e689f2cf498cbd47bf7efe63f8a5
Sha256: e798471bfe339595cdf3f98312af5257912303c759201fecf04bd48615a04188
                                        
GET /t/p/w185/5WXeYnezavNI6hXH74aQYv6yFzj.jpg HTTP/1.1
Host: image.tmdb.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.199.37.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 16868
server: BunnyCDN-DE-874
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b905-41e4"
last-modified: Wed, 04 May 2022 17:33:57 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 07:18:45
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 589baff888a63a037e29369aa8c2b34c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   16868
Md5:    98c8ad24a680838ccd4851de1919902e
Sha1:   7e8c0473a44cbc8c4ebbbf0e15d2db1240b088b9
Sha256: 915875d92a9551c3cba39ee3942b3c11039894e4cf408202e8c6361c1b3684bf
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11966
Expires: Tue, 27 Sep 2022 22:15:59 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
GET /wp-content/themes/movies/assets/css/img/btn-overlay.png HTTP/1.1
Host: ww1.ytsmx.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         5.189.145.98
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 27 Sep 2022 18:56:33 GMT
Content-Length: 1635
Last-Modified: Tue, 24 Aug 2021 10:42:18 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6124cd0a-663"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   1635
Md5:    12d5611797b50ab2547dd7f7bb2ec1ea
Sha1:   def53aa40fc60528aeebfbd005ac53d1a7263f67
Sha256: d2d32248182e26b1f14bf77ece9fb5eac077680aa6251006362878fb6f763df8
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11966
Expires: Tue, 27 Sep 2022 22:15:59 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11966
Expires: Tue, 27 Sep 2022 22:15:59 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11966
Expires: Tue, 27 Sep 2022 22:15:59 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11966
Expires: Tue, 27 Sep 2022 22:15:59 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 60
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 18:55:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:09:41 GMT
expires: Tue, 26 Sep 2023 21:09:41 GMT
cache-control: public, max-age=31536000
age: 78412
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size:   9840
Md5:    afda6e429fd299054de28e1f157c683d
Sha1:   c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
Sha256: 81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
                                        
GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/octet-stream; charset=utf-8
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-ddcc"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3018315
expires: Sun, 17 Sep 2023 18:56:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ycIJno70d%2Bb0RmLPfOJBGdEnxMhb0ug2lNDixtfMGyo1UA9MUv31Mo0Rim%2BtjZueT3v9vzmiEv%2FG7uPZfYwqTZKtxFwD0MfhZNW15RddcMNs8bafrFXssahVwsw9XCJLMaxvMBx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751675bf78bdb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size:   56780
Md5:    97493d3f11c0a3bd5cbd959f5d19b699
Sha1:   1075231650f579955905bb2f6527148a8e2b4b16
Sha256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11966
Expires: Tue, 27 Sep 2022 22:15:59 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 440175
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 60
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 18:55:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 18:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /TGRVUnhjWzYhRR5VGyYcGVFlMxR1JjE8HCAzEBBdfiIxYDouMB09XjgNMW9BeVxlZUBqFDw2RX9WcyEMLRAgIUV9Qjw8HiNZcyRFfEptfEFiVXMnRX1CISIZK1lkdAg4EDlvSXpSYWFIeF1sYk94UA HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azH2Ij4bRjwP85esZMEInad%2BtLCzCwHe30F9pCT%2Btms96qEQabq9U9GOiO9UuTLtF19xoK9U5S%2BLL0QjeWTuwR5bDv8q%2BNd0l4rQpeusVnRgowsPiRd1dBu6WWvgGLjkHPGu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751675bf3b52b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /QlJBZmxtbSIVUScUIlYPL2cMBBs6FhYNVS8QKjw7ERUQJD8uOWcSBSZveFNUcmV0QBwrNnxXVGQhNQcYNyF8V0orPCcJUWQkfFdCcnxwSF9kJ3xXSjYiIAFRc3QxEhgub3BQWnZhcVJVe2J2UFU HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2F7mDm0V%2F6AbvM6SSyoHyFZrek9JXNBmcNCR30vF3glhjvuKnk%2FgdNTrZdS7t9DMt45qsOvD2p36yRPNvmdADeYqCy1WkSqmPtw6YQSXgnR1exkVMx8xAIktYHfYAVm0RnHj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751675bf4b6bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /Y3pLVkdMRSglei4tAQcVJkoIAXUpDS8HATYgExB/IiwNOyE7EW0iLgdHcmN/U01zcDcKHnZldUUJPzczFgl2ZHdTTW0/KQUVdmRhFUd7eH9NQ2VnYRZHenAzExssa3ZFCj8iK15LfWBzUEp/b35TTX9h HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nncWnFJmis%2FhvFK9D0t0jHGJhA11HtdOQn60fimOxlJJOLK9DNNTwJBDELAnbtZIgYSnVLcsgjb3O15yRcRG78VN8%2FjHU3PqMqpBqgvQoOUf0hr1NJTuqoNrbxSGH%2FwrF6DV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751675bf4b6eb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /MnNsUFQdTA8jaXwkNmQbdwApBhF3MQo3EmQgC2UtdiU+GhB6BEokPVZOVWVsAkRYdiRbF1FhckEHDSQhQU5ddj1cFQNtckROXX5nBl1eaHoDVRltZRQHHDEzD0JKICBGH1FhYgRHX2BgC0pcZ2EK HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOmS66rK9FdZR%2BRwSggEiImlE6ZUaCdI%2FH1p9AzRRRekUX%2BRwKl53JbS595DT0%2FyWRk4RkP2lQA9bJWKeeNaZlg%2FZPZWlGlm7ZhPtucw4EZx4mHcUvdDq5n4w9SxuDJhZevB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751675bf5b7bb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /RG1iTGZrUgE/WxY4MBkHKTsaKjEeCDoUJDM3NAI0IjUGJjF1XUQ4DyBQW3lfdltbahYtCV99QDcZAzgTN1BTag8qCw1xQDJQU2JVcENQdEh1SxdxV2IZEi0BeVxEPBIwAV99UHJZUXxSfVRSe1By HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.140.14
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqhXh6%2BQG1oyWdnWlKuoh1FVk5YPYvOBZTApBE9ZKFD4m5zQbz93IxcpJXXMQR%2F8Quw00VSA6pFGpyiuHjDwiHVyG9E7Ekv0KGm5pMS%2Fpu6i17d3oexJbN2WQyGqwk7r6hSI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751675bf5b8eb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
POST /cFVpd1BfagoEbSUSO0UKQTkDLwUiATAgEiMEWD0/KRMNNggdZU8DORRoUEJoQGJRUSAZMVREYlYmHRYkBSZURWBAYk8ePhY6VEV2BmhZWWhebEdGdgVoWFEkADQOSmFWJR0DPE1kX0FkQ2VdTmlAbFFH HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
172.67.140.14
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWmpWdr%2ByMtYLu6E1dwL2sy03FZrAi%2Ft0uq1cbAcgxwX3yfqff16XC2Kygup%2F2Pmhj12FpGdktgQDzwBjmWcCjHZUcEd4BBQUoYO7MsiHdmNtH20MvH1GLh7ZlkBi85Nskkk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751675bf9bd0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   613
Md5:    3162f26af91a0d89702d69a347feffa8
Sha1:   f3dccd689964578e99d9aef425700c0527020dd2
Sha256: d32d787f83dda57a10e93cc33ed05bba9809be0f9c45761925ce9c7209e9e53d

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
GET /wp-content/themes/movies/js/live.search.js?ver=DOO_VERSION HTTP/1.1
Host: ww1.ytsmx.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
5.189.145.98
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Tue, 27 Sep 2022 18:56:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.22
Set-Cookie: wordpress_sec_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; secure; HttpOnly wordpress_sec_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; secure; HttpOnly wordpress_logged_in_43fe39324cb229f6e75461b07e809908=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://ww1.ytsmx.one/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (55565), with CRLF, LF line terminators
Size:   33538
Md5:    f5ca394b716c3070be3043795aa5c862
Sha1:   4c151e062e10fbf64296b7a10d759b72f077a492
Sha256: 4b67ede0d1961841c33ef17f005f2deeefe4c2af8959a5ced3fa75d88694384b
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11602
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11602
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11602
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:02:24 GMT
age: 78849
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10318
Md5:    a90590f26bae9ad9e95ffdfbfb7dd21d
Sha1:   cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
Sha256: 33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
age: 64238
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    5274e770cb5a704916c8965659709f4a
Sha1:   1a26007f761e439db575fb80fb403031260aecf4
Sha256: e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 63041
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 75873
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10211
Md5:    347dca206e13a3b13953f0ab398310b4
Sha1:   be60bbc96c832ae385cc9ae5828bd32703011b21
Sha256: f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 76035
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 76035
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.38.201.146
HTTP/2 200 OK
content-type: application/x-javascript
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=37594
date: Tue, 27 Sep 2022 18:56:33 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
GET /wp-content/uploads/2021/08/ytsfav-2.png HTTP/1.1
Host: ww1.ytsmx.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/movie/halloween-ends-2022-gnometorrent543/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
5.189.145.98
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Tue, 27 Sep 2022 18:56:33 GMT
Content-Length: 675
Last-Modified: Tue, 24 Aug 2021 10:47:52 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6124ce58-2a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size:   675
Md5:    6f85a739b5a97feaf610342fe4982f3f
Sha1:   6058b8d65d33813ce55c76493c3488859e8ee74a
Sha256: 1e698da573e063b7609fc6e9ab645886bc3d9887ffd5f51e7191759fdc3a8e8e
                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 27 Sep 2022 18:56:33 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            GET /live/boost/ra-/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=39, s-maxage=86400
date: Tue, 27 Sep 2022 18:56:33 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   47
Md5:    24c668b115f75423506f2ea21d1b49c2
Sha1:   14f956ddb2d9e8b072cd5f605c3f39526490b391
Sha256: b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 18:41:09 GMT
expires: Tue, 27 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 924
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2897
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 18:08:16 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19456
Expires: Wed, 28 Sep 2022 00:20:49 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19456
Expires: Wed, 28 Sep 2022 00:20:49 GMT
Date: Tue, 27 Sep 2022 18:56:33 GMT
Connection: keep-alive

                                        
                                            GET /?ynwzd=958072 HTTP/1.1 
Host: d1zw85ny9dtn37.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.ytsmx.one/
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.105
HTTP/2 200 OK
                                        
content-length: 68433
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ww1.ytsmx.one
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OMjCGyHZIENLxxM8sTcdIJvMOQ4cSTMB3HalwF2vj9eoCxWfhl3Phg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15945)
Size:   68433
Md5:    9c5dd1d4095d3ce76a5b82d6b200546a
Sha1:   3fd4ca077b4ba164dedb72236df89c6518637547
Sha256: d35934f6bf17dcf8539df48dc3198cc1c1fd412a7fdc944a1baad1440fae74d0
                                        
                                            POST /j/collect?v=1&_v=j97&a=1644219966&t=pageview&_s=1&dl=https%3A%2F%2Fww1.ytsmx.one%2Fmovie%2Fhalloween-ends-2022-gnometorrent543%2F&ul=en-us&de=UTF-8&dt=Halloween%20Ends%20(2022)%20YTS%20Torrent%20-%20Download%20YIFY%20Movie&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=862227530&gjid=1876862150&cid=1469982568.1664304991&tid=UA-205881553-2&_gid=1427416559.1664304991&_r=1&gtm=2ou9q0&z=1003004960 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://ww1.ytsmx.one
date: Tue, 27 Sep 2022 18:56:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 18:56:33 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1844550807%3A1664304993661034&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrfB84CxqWWBZFmIiJETAbr27rlxGKc2Q4xZu9ZdvQ3FXk0CSx5Ocynpof3DYQ0XddCa_9cOA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-TUNViXRpU_5Wyxi2ehSlZQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:XWiSjWCFjcLLM8V_vDz3OQIT7dTVLQ:lLAX6ayIpI-_ir34;Path=/;Expires=Thu, 26-Sep-2024 18:56:33 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Size:   395
Md5:    06133251764598a64cfd96ad4c460378
Sha1:   f20f6f20d9be7be69a9b901f93519cccb6375585
Sha256: 4776b251e749d92cefc5f7977559c7be0d629917a9ec543f4bf606102a1a0ea8
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 18:56:33 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1812817479%3A1664304993670321&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr-5qlwzP6YXdj1JWcy2E-7I1I5jCTkwBLjlzAb7LQMimx3nfwnTQLNqsRuphe872i2PAyZ9g
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-5DCKvFQpmD2HVNkThRSEcA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
set-cookie: __Host-GAPS=1:Bh6yOl9S-xG3KEhfskc1uwqnq-iMtg:a5Y2oTLs_5EWpzIj;Path=/;Expires=Thu, 26-Sep-2024 18:56:33 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Size:   399
Md5:    9497963dcd77911211373579cd0d3a50
Sha1:   bd35c709b7b89a9f9a52c40af594c0ee3ced501b
Sha256: 20fb8a04156f7bf56afc117109176bae4235b9428753a4ee31ba498f02817998
                                        
                                            GET /jZDQ4U0kHW1Y1dhBdXG5wUQ0KZXBCXks8JxQJSmErJnZcOhooEkwpLVkEHj8oClMFdSwKVwVibwVQWm55QkBIPCJZXFsqIg5STTQiBRJNMnQJW0I6JQhVHWEPURoIdntUHEBieEEHenZ7VFhRPTwcEQpjMVwCZ2V9QQd6dntURk52eiUNDn15TREKYy4BV1-M8bFZyCmN4VAQJY3hBBgg1IBZRXjwxQQZ+an9KBB4mdFU HTTP/1.1 
Host: d1zw85ny9dtn37.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.105
HTTP/2 200 OK
                                        
content-length: 513
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ImYUE3h4MRm7R5VVk_X9XE-rNor_QaBun5GLfQ4vD30nCcBjgdr1wQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (697), with no line terminators
Size:   513
Md5:    7ef7a6c503a2545eca5cf362b87cecb9
Sha1:   0c3fdf2b75850c4e241109c5ab7a46ead655a509
Sha256: d9e47fb34b2e63c47db2fb6971828fe3a4abf2c3982e9a00b90f343a16d0be80
                                        
                                            GET /utx?cb=oRzjhl2l6AYo&top=ww1.ytsmx.one&tid=959269 HTTP/1.1 
Host: hatsheisaco.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         108.157.214.101
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://ww1.ytsmx.one
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 27 Sep 2022 18:57:33 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7u1qlVhQiPH58BnkUw-8_Gg3V64sWYXGJzB4X-POObaW8d2y9jOefg==
X-Firefox-Spdy: h2

                                        
                                            GET /TTzNqc2csXAQVWDtaDk5eegtaRFNpWRkcCT8ODkU/G2AYEVIba0wHHSsOWlULLl0NTkEqXQlOVmlSDhFafxUeAwgkDgIQHiRZDAYAJFJMBgZyXgUJDiNfC1ZVCQZEQ0J9A0ILVn4WWTFCfQMGGgk6S09BVzcLXCxRexZZMUJ9AxgFQnxyU0VJfxpPQVcoVg-kYCGoBLEFXfgNaQld+FlhDASZBDxUINxZYNV55HVpVEnIC HTTP/1.1 
Host: d1zw85ny9dtn37.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.105
HTTP/2 200 OK
                                        
content-length: 522
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fYEO237Sl8EGDFsGymYs5NvUtA_F9Xeya-faX0VDm6uPGHLBDqDK4w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (706), with no line terminators
Size:   522
Md5:    6fdaa37394024f63bc3624e7242c11d8
Sha1:   97903b9732b15cf2e9d96c69ea3184190aa61892
Sha256: bfe52999bfb9521119ec88851d21c2759bf77917eb23ddfde07a13497ab228da
                                        
                                            GET /utx?cb=vtcxVAmypNDJ&top=ww1.ytsmx.one&tid=958078 HTTP/1.1 
Host: hatsheisaco.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         108.157.214.101
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://ww1.ytsmx.one
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 27 Sep 2022 18:57:33 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: udEeOU8zpFUVC1QfZe_FaJWIHnYAuqR_4sx_mhC1o2seOVCgouIlpQ==
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /utx?cb=TB0xVqiBTbPa&top=ww1.ytsmx.one&tid=958074 HTTP/1.1 
Host: hatsheisaco.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         108.157.214.101
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://ww1.ytsmx.one
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 27 Sep 2022 18:57:33 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: t2IZXP3feEJR_Ot0k5oN4yS-BodDGr-DuyXrSnqxfqR9QLqAnTzCIg==
X-Firefox-Spdy: h2

                                        
                                            GET /8bEszTHoPJF0qRRgiV3FDWXMDe0JKIUAjFBx2ZiUrFnpFdB4/GH8tM0o/SShHXG1fLRQLdhUpFA92AmobCCkOfFwYO1wnRxklVykcBSVWKFwZKg4hFRYiXyAbSXl1eVRcbgF8UhR6AmlJLm4BfBYFJUY0X157S3RMM30HaUkubgF8CBpuAA1DWmUDZV9ee1-QpGQckFn48XnsCfEpdewJpSFwtWj4fCiRLaUgqcgViSko+Dn0 HTTP/1.1 
Host: d1zw85ny9dtn37.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.105
HTTP/2 200 OK
                                        
content-length: 335
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bz1k1woIujhuUhUrk55Uofk87rDX8PXieQJ6-5Y-bOmflH9lQBVoJw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (417), with no line terminators
Size:   335
Md5:    498faabe75807aed2f78226789141f07
Sha1:   bbf3b5f14152f952f7fb98e81d4d7d9f69843fe1
Sha256: 8feb81df44a51f47da6eb1fefd37438e699faaf87e505b8e4ef6e22fd03e7de1
                                        
                                            GET /LSkwyYnMpI1wETD4lVl9Kf3QCVUZsJkENHTpxXSQDAB4EJEV7akYYF3d8FA4SJCsPRBYkLw9TVSsoUF9DbDlTXx4lNlsOHytpACRGZHwXUENiNANTVnkOF1BDJiVcFwtvfgIaS3wTBFZWeQ4XUEM4OhdRMnN6HFJab34CBRYpJ11HQQx+AlNDen0CU1Z4fF-QLAS8qXRpWeAoLVF16akdfQg HTTP/1.1 
Host: d1zw85ny9dtn37.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.105
HTTP/2 200 OK
                                        
content-length: 186
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yWJNblfxkBzTjHoREIN73xDNyyLw_19Yz-e1LHesAitODzUlHaEl-w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   186
Md5:    4ac535bbe7174d147ea7fa40a5cadc73
Sha1:   56e20b2c1f89bdd751c4963cb582f9ac42786ee4
Sha256: 821e06e0e7bcc3dc777377ab5cea56372eb6c0a51c65f8d5c98c47d8e5a6f3c0
                                        
                                            GET /v3/signin/identifier?dsh=S-1844550807%3A1664304993661034&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrfB84CxqWWBZFmIiJETAbr27rlxGKc2Q4xZu9ZdvQ3FXk0CSx5Ocynpof3DYQ0XddCa_9cOA HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.ytsmx.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 18:56:33 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-6WU6_wv6MygTJerUfEsjwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=dV-aJX75Sb1QYcNATT3g8v4hHRIv5Y07skKliUf6Bn8O9X7BoQ1SsC717ats3cKRpHFFH0HgF8HXK-j0wIAlcCPkX6AQ1ijXVx3vbVCgg2WBwj4WKQagyUUNJs_JA7ocS7ahX03tspEnG7EMvXt8pSJspeWFhHm-jTpQYUbZeus; expires=Wed, 29-Mar-2023 18:56:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1151
Md5:    142546bee0baeeea958f42915a0db4a8
Sha1:   698d85555811a2c63eb5aca7c277be805ef1496e
Sha256: 5b9f8efbd1c9aa6e6433f38855a04eee58180e9baaff8d663580059668cc4713
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2897
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 18:08:16 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /live/red_lojson/300lo.json?si=6333475e66edc09b&bkl=0&bl=1&pdt=1532&sid=6333475e66edc09b&pub=ra-&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ww1.ytsmx.one&fp=movie%2Fhalloween-ends-2022-gnometorrent543%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664304991293&jsl=1&uvs=6333475ec497903b000&skipb=1&callback=addthis.cbs.jsonp__54276862202243630 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Tue, 27 Sep 2022 18:56:33 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   89
Md5:    de1af260cde67f712502db77682efadd
Sha1:   634f00547f705f33aa8bc755cbe0d8f7d17828d2
Sha256: 2a8a792361053da171a4a904e929d29fbbaa9b68c5e4b010a3c872a6b8958c45
                                        
                                            GET /floater?cs=VldJWjVlbntuDWZhfG8EZmR%2FYwE&abt=0&red=1&sm=83&k=2022%20torrent%20download%20yify%20movie%20face%20halloween%20ends&v=0.8.9.1&sts=0&prn=0&emb=0&tid=958078&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fww1.ytsmx.one%2Fmovie%2Fhalloween-ends-2022-gnometorrent543%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td11_oi1_&_cGIj=1664304990981&crc=1 HTTP/1.1 
Host: hatsheisaco.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         108.157.214.101
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 6326
date: Tue, 27 Sep 2022 18:56:34 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://ww1.ytsmx.one
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=669ebed0-40eb-453e-982f-89c62f7758c2
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ab5e2ae728dfa6338273a7f7bcdc636c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ox4BR-LNi9OVEuv6NG7u0f-LidXCW8P70G7we0Vr7mEx_d3TPcNTOw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9299), with no line terminators
Size:   6326
Md5:    8518b29c4cc7fd4fc5c170c01e024ea1
Sha1:   17edbfaae9d9024d2fda212a65fa0d62385e25e3
Sha256: 7afdbdb49711ccecbc2adebb5256ce2526726d69175fa725d56da86ab845d0a6
                                        
                                            GET /dsp-stats/impression/1795175?var=958078&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=s931FoA54JtK-McgqIxNxnlTdmpviER82ZmIt28S4txOumKM9jUA3KUjsXQORbCkoCmGAStmsj8zo5uuBCkSiGic1OHa_Q_rQAgPPngYS5pTwc36jKMZX-mnac_YUSUFbwswZt_ypGAyZm6MtmX_j6yzq7LUdP20LPh12iZBq_efaoBZqIF3nN3QEdpKQw0WE1ye2UqCpb7MniOua_IbLa8Dh7IgPM4WdJAzxH494DEypbXfNd9W-TX_YSf1OhQg3ZYF20r5D8Dukok12Cesf4KihCwcY7Az5e1OG7Vazlv4Y2K7yy-6dUDS3ypS0qOWUT3kmnG4vsXD2ZsUkTvKuZ9Yhl4Wv30-E72jmHeCo1HpChlcCWgWICOzy039MrkcACNQQffHosETXSN2esrVyDLP6y-BRiVj0Hcd4uTl7twCMKuPpwlX2rO_3fCiAzObimulmO95NDTgM34_DJXI2lF3irOweSXBgSnX1zRZG72stAKyUBOhA7TxYS33BQjcbIxh2LVwVAW6nr3tq6bax-P6bzPY5oJtgIwPv4bBLptOagwA9gwPeq-6wrVHd0GD47OGPbg8ilvaAAs5ShA5-HG_bztuT8z-s_F9KkcoQjYgDSXZwVf0ELtiNjwhdX4tTT9RozIqArQNdPXV1fBJd6gi602MMd4HJjIVrpQ015gERXz69cF8fQsmD2MtLejO1ICscT2HUuaupgccppr1iMr5eCohIoa_X-dzD6jJOvldGvzEwN3eoqEVbxmE4TblLygltx9US-E120_otEIuGvzjSPidYfEcRDrPFjtNs5bNssrq9Qz14UafxpvRoTN0hQJIuypdSd_fc7nRuHx1Apd798y_0OLrPd0Q17f7o4nQnFj_jrf5O28fL-2NRjujgMtsJncJsHraWuCGxNEqzQ9N9ac9UyYCyQKX7YhFlxadMfnQLah2PNDfFIDgE0NFZi1FW31ncRpjEGtB_Eim1RWifIVXERiZu_zQ0Vpgq0rSf58qhsbgmge8uFTjbS2VD0e1KfRa20rIKLQ8AdqWGN_QPaRzxtF7Zvu2S2mNJn3emQ==&rd=IYU_0ks-0-mtN6CLMJesOsdCIwLjYU_Czz8NmOYBlJM6-SFicRQWzLLOBV330HWAe94eChVyR6w3yaGwIP_QXI18f6U_MUVf2Y0vb3LqeQUmKAooTdnCVrhuMJCfe4HfHR9lq2tporTEkGpU8PjuK0s= HTTP/1.1 
Host: hypermusk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         62.122.171.12
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 18:56:35 GMT
content-length: 108
location: https://cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   108
Md5:    f23ac69cb92f31e35484bf5cb8b4e3ee
Sha1:   a06747f841dade6bc3393d0b8941c0ef98968aac
Sha256: bdff3dd3bbf327d16ba79e288968afe70ac86d4b335fc68e0816af42d538cdb0
                                        
                                            GET /dsp-stats/impression/1795175?var=958078&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=s931FoA54JtK-McgqIxNxnlTdmpviER82ZmIt28S4txOumKM9jUA3KUjsXQORbCkoCmGAStmsj8zo5uuBCkSiGic1OHa_Q_rQAgPPngYS5pTwc36jKMZX-mnac_YUSUFbwswZt_ypGAyZm6MtmX_j6yzq7LUdP20LPh12iZBq_efaoBZqIF3nN3QEdpKQw0WE1ye2UqCpb7MniOua_IbLa8Dh7IgPM4WdJAzxH494DEypbXfNd9W-TX_YSf1OhQg3ZYF20r5D8Dukok12Cesf4KihCwcY7Az5e1OG7Vazlv4Y2K7yy-6dUDS3ypS0qOWUT3kmnG4vsXD2ZsUkTvKuZ9Yhl4Wv30-E72jmHeCo1HpChlcCWgWICOzy039MrkcACNQQffHosETXSN2esrVyDLP6y-BRiVj0Hcd4uTl7twCMKuPpwlX2rO_3fCiAzObimulmO95NDTgM34_DJXI2lF3irOweSXBgSnX1zRZG72stAKyUBOhA7TxYS33BQjcbIxh2LVwVAW6nr3tq6bax-P6bzPY5oJtgIwPv4bBLptOagwA9gwPeq-6wrVHd0GD47OGPbg8ilvaAAs5ShA5-HG_bztuT8z-s_F9KkcoQjYgDSXZwVf0ELtiNjwhdX4tTT9RozIqArQNdPXV1fBJd6gi602MMd4HJjIVrpQ015gERXz69cF8fQsmD2MtLejO1ICscT2HUuaupgccppr1iMr5eCohIoa_X-dzD6jJOvldGvzEwN3eoqEVbxmE4TblLygltx9US-E120_otEIuGvzjSPidYfEcRDrPFjtNs5bNssrq9Qz14UafxpvRoTN0hQJIuypdSd_fc7nRuHx1Apd798y_0OLrPd0Q17f7o4nQnFj_jrf5O28fL-2NRjujgMtsJncJsHraWuCGxNEqzQ9N9ac9UyYCyQKX7YhFlxadMfnQLah2PNDfFIDgE0NFZi1FW31ncRpjEGtB_Eim1RWifIVXERiZu_zQ0Vpgq0rSf58qhsbgmge8uFTjbS2VD0e1KfRa20rIKLQ8AdqWGN_QPaRzxtF7Zvu2S2mNJn3emQ==&rd=IYU_0ks-0-mtN6CLMJesOsdCIwLjYU_Czz8NmOYBlJM6-SFicRQWzLLOBV330HWAe94eChVyR6w3yaGwIP_QXI18f6U_MUVf2Y0vb3LqeQUmKAooTdnCVrhuMJCfe4HfHR9lq2tporTEkGpU8PjuK0s= HTTP/1.1 
Host: hypermusk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         62.122.171.12
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 18:56:35 GMT
content-length: 108
location: https://cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   108
Md5:    f23ac69cb92f31e35484bf5cb8b4e3ee
Sha1:   a06747f841dade6bc3393d0b8941c0ef98968aac
Sha256: bdff3dd3bbf327d16ba79e288968afe70ac86d4b335fc68e0816af42d538cdb0
                                        
                                            GET /pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg HTTP/1.1 
Host: cdn.pncloudfl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.58.221
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 27 Sep 2022 18:56:35 GMT
content-length: 22450
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=40774
content-disposition: inline; filename="514b34fc18d3f446e094227228e3b1595fe3abf9.webp"
etag: 19e0f2a507ac755f9419ea98d0121544
expires: Wed, 28 Sep 2022 22:52:58 GMT
last-modified: Thu, 22 Sep 2022 09:48:57 GMT
vary: Accept
x-openstack-request-id: tx7c030a591e2a48f1aae4d-00632c2fcb
x-proxy-cache: HIT
x-timestamp: 1663840136.02468
x-trans-id: tx7c030a591e2a48f1aae4d-00632c2fcb
cf-cache-status: HIT
age: 72217
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 751675cc4ec31c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   22450
Md5:    fd339d0abd644dfc62b8dcd2cd15bd2b
Sha1:   0af5c8cec4712fb169744df0ecc88faf9125e9df
Sha256: 385adfface9b1e607e43242a9d9877fbdf7c71278940709ecad3d2e53e0e931a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "953E09F374ABE33B073DC05709461E3C335FF467A1344A4F82750588627ACB69"
Last-Modified: Tue, 27 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13406
Expires: Tue, 27 Sep 2022 22:40:01 GMT
Date: Tue, 27 Sep 2022 18:56:35 GMT
Connection: keep-alive

                                        
                                            GET /winnotice?sid=H4sIAAAAAAAC%2F1RTTWgkRRSu0b0snpT1IOxhBA8KMumeTGZ6XGQxZiPBuFl2FT0p1VU9k2d6qpqqrulJTkFBcpIRD%2F6cKl%2F%2BUFdZDx5dpbPgISBkbhHNxZMn%2F2DxKDPGjD5o3s%2F3Dl%2B%2F76t3tt0pC%2BD4ycJLeoPSlM%2FM1YLqk6%2BF4ZXqMik3qA6i5hvNxpWq6T%2FTbtaCp6ovJGJNz9SDMAjCIKwukkk6ejAzBkHZ7XZYawe1Rr0WzjUwMB7WVWB5BbJ%2Fyh4BydGFe5VLIFFC9e4sJHYt19nT13ou5bk26MuDV9Sa0oVCb1p2TAUddXC2DW2PF%2B9Cq70JRej%2B%2BWJMI1b57i5idXBGDHF%2Fd8ItTpEoxPIhFP0SSVqCeAmh3wbJYwYIiesrUL3969oUfP0flI%2FREbtw%2F09QMWIXfroE1ftiPqVB9ZZOXU5aWQw6HjQoQd0SmTtEvsFAxSFE%2FhZIfs9m7i9D9XZXbKpB0k%2F%2BnagEdUqkyRDcMrjxRwyuU4HLKujJk6oIw7AVSMGDqC3ErGwlcVMGIW91Qh4GzQhOjOkNkWdDiHQIYTaRmU2s0RDGvQuyJRz3oMwjs%2FvtuShoRUjE0dVfPhrHx%2BB0Um0FrThutNpJQ7brsQh5HIlmey6IGrOyMxc2EdPR1Sf%2B%2Bmrr59XfkRJDwo%2B%2B%2BY1NAlZ5KOd3lCEPkxyxs9gxMj%2B6er616mElg80Z%2BtKjSBgKy1BwhoIYipyh6Ps9mdq69fsytS4Oz3L9LM%2F6HZ13%2FZ7Ou4li29kpe3iizR%2FidawlJ9VOIOpRp92YrUeNdjuOZKM124yaUoQyShqRhKV%2FL0D2AXBbwQaN2KM%2F%2Fops7Br5PmJ%2BCJseQtDj4O4yeOHBVz02lIfUd2zulCLVNY5UTegesvwi8vXKdnrKHptwaX649b%2FzCuORGY836R5DN93auakLtntTF5Z9uZLl1KMNPvbQrZznyYOfvpisF9rIpQU7%2FOQ5MQbG5e2XE5svcyVJdS37bJ6kTMyiNiJhXy%2FZV5P4hrOr884oly3feH5xqZeZxFrSqgSn42sfQNCIXXzvh8njuPz5syBTwjiPnjuXC6RLiGwTNpvOrGYw6bSPM4bC%2BR1Tj6fDsSHSqe7gsYf9Tx9P6237LSx55Jb9DQAA%2F%2F8BAAD%2F%2F6OY%2BuJ5BAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1664304993&pid=91283&sub2=icon&auid=707bb479e4d92bc1ab8c6950843df516&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: stunningruin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.174.151.98
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 18:56:35 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a8e29c9a7a0b19b8bc519ebe896b2fb
Strict-Transport-Security: max-age=0; includeSubdomains

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2501F62B10B278C0E95705040A281C9DD8DF9EE336C30995C85F5329FD8BE7C0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2353
Expires: Tue, 27 Sep 2022 19:35:48 GMT
Date: Tue, 27 Sep 2022 18:56:35 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:56:35 GMT
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Thu, 29 Sep 2022 18:56:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: QL09G9CztbU27l3lx5SW27f+m7ST4tfwPWsbKGfTqOW8nLvRMOnWku+GKi4APVLLP6gD0s+imhGfVKhH/c/AfQ==
date: Tue, 27 Sep 2022 18:56:33 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.ytsmx.one/
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.198.35
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
set-cookie: csu=248453036482518@1@1664304993; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://ww1.ytsmx.one
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3923lakGrAPzQvSuZminiXl5H5%2FJ6xuqaig%2B5x84rL07SnX%2FkGPoc2IZQXhP5HB2aYwFn%2Bpnu0DAsbpiDnM2A%2FGxLYPF0UMslNohilNFrHJhHRVKsbnc23XKDUa4QS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751675c26bdb71b4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?ynwzd=958074 HTTP/1.1 
Host: d1zw85ny9dtn37.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.105
HTTP/2 200 OK
                                        
content-length: 115612
date: Tue, 27 Sep 2022 18:56:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rg8hzR7FmhhuBV5IvHuYNYc8fklz2hkr-TcA7MrFnBZ_BxPHhvmvwQ==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /popunder.gif HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww1.ytsmx.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.140.14
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 87963
last-modified: Mon, 26 Sep 2022 18:30:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Sn8aKowvhIRY9Iq3YYgLKPHXsoY%2FgGBAOJc5Y7S6AofcO8bLjWoALHyUB8O4h%2Fwbu3HniP6JbWyvXQEzvksdGQCcxAeHzlLY1LSrDPQLww6vxTdEbDf60avMyLrdj%2FoJ872"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751675bf6b93b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.ytsmx.one/
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.198.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: https://ww1.ytsmx.one
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5745
last-modified: Tue, 27 Sep 2022 17:20:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KVlga0uIL6rO1HCiLgdjg0sB4%2FkBFe2%2BZGoygOIikm0Y%2F9AljMiobyo4Wj5g8S9SEOu84XXPDMcVW7HcczNhhk9Wzsdl%2FxBBexpgr%2BC0XPGOxZHWneLa%2BTnxuPCqCIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751675c29c5171b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.ytsmx.one/
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.198.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: https://ww1.ytsmx.one
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5745
last-modified: Tue, 27 Sep 2022 17:20:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8MU0s82rAXwhKtxHyxvAxNxrJQUar3sDzGOUefiL1y17jhd5SR27WU%2FqlKU%2FyGxXxR%2BJE4EZ72JnxmU4T0VMd1tSzXc3JfgZOoWb7KztnSOAwIBToWb0OMX23ZqxSUd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751675c29c4e71b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.ytsmx.one/
Origin: https://ww1.ytsmx.one
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.198.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Tue, 27 Sep 2022 18:56:33 GMT
access-control-allow-origin: https://ww1.ytsmx.one
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5745
last-modified: Tue, 27 Sep 2022 17:20:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5GwXSjhHlQxs5GnXc8YrwK3RzrPOF31Hu3KG0bu7A%2BeFNKIMdloht4nu6ONEQyKJnBLHfLuVqcFR%2FY%2FvXBYyHBb6c%2FrTaJD8P0s%2BY%2FA2MAFTTgejvwuRPmqQaQIKYYo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751675c29c5971b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S1812817479%3A1664304993670321&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr-5qlwzP6YXdj1JWcy2E-7I1I5jCTkwBLjlzAb7LQMimx3nfwnTQLNqsRuphe872i2PAyZ9g HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.ytsmx.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 18:56:33 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-F51F22Cme7BNy4uYn5RO9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=ODEfcUwJCG7p-cmxBop9V3rufq8UZfv6oLX42oyz2dnOJcsBRkHW4FWk_6kS1C5bfx8SxtfSQGWK9bMiKGoBa0rH_IgNZMQy7Oi6Fk3px3kjOqTuPpx13VdLriRcjVN9lzii8IvdKO3m1lA394ACQFxYvqrhi22P6IxI288JyQU; expires=Wed, 29-Mar-2023 18:56:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---